Network Security News – Thursday, July 27, 2006 Events
CMScout BBCode Tag XSS
CMScout contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate user-supplied input to the BBCode tags. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/25247
CMScout Message Body XSS
CMScout contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate user-supplied input upon submission to the forum posts or private messages. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/25246
vBulletin member.php u Variable XSS (Myth/Fake)
vBulletin has been reported to contain a flaw that allows a remote cross site scripting attack. This flaw supposedly exists because the application does not validate the 'u' variable upon submission to the member.php script. The vendor has disputed this report stating "userid parameter is run through our filtering system as an unsigned integer.". Read more at osvdb.org/27508
VMware Player .vmx ide1:0.fileName Parameter Overflow DoS (Myth/Fake)
EMC VMware Player contains a flaw that may allow a local denial of service. The issue is triggered when a user loads a .vmx file containing an ide1:0.fileName parameter with an overly long value, and will result in loss of availability for the the VMware instace. However, for an attacker to gain access and edit the .vmx file, it would require a level of access that would allow a wide variety of attacks. This level of access is considered to be trusted and not readily available to someone looking to launch this type of attack.. Read more at osvdb.org/27524
SiteDepth CMS constants.php SD_DIR Variable Remote File Inclusion
SiteDepth CMS contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to constants.php script not properly sanitizing user input supplied to the 'SD_DIR' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.. Read more at osvdb.org/27412
WHM AutoPilot step_one_tables.php server_inc Variable Remote File Inclusion
WHM AutoPilot contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to step_one_tables.php not properly sanitizing user input supplied to the 'server_inc' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.. Read more at osvdb.org/12695
Opera Large href Tag DoS
Opera contains a flaw that may allow a remote denial of service. The issue is triggered when the browser is used to open a web page containing an 'A' tag with a very long 'href' value, and will result in a crash of the browser.. Read more at osvdb.org/27510
Pivot edit_new.php Paths[extensions_path] Variable Remote File Inclusion
Pivot contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to edit_new.php not properly sanitizing user input supplied to the 'Paths[extensions_path]' variable. This may allow an attacker to include a file from the local host or a remote host that contains arbitrary commands which will be executed by the vulnerable script.. Read more at osvdb.org/27512
PhpLinkExchange index.php page Variable Remote File Inclusion
PhpLinkExchange contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to index.php script not properly sanitizing user input supplied to the 'page' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.. Read more at osvdb.org/27410
sNews snews.php search_query Variable XSS
sNews contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate 'search_query' variables upon submission to the 'snews.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/27481
Vuln: Asterisk IAX2 Remote Buffer Overflow Vulnerability
Asterisk IAX2 Remote Buffer Overflow Vulnerability. Read more at securityfocus.com/bid/18295
Leave a Reply